A Study of Security Challenges in Mobile Ad hoc Networks

Shanthi 1

Research Scholar, Bharathiar University, Coimbatore

Dr. M. Ganaga Durga 2

Research Coordinator, Bharathiar University, Coimbatore

Abstract Mobile ad hoc networks (MANETs) are constructed of composite distributed systems which comprise wireless nodes and particularly useful in places where network infrastructure is costly. Protecting MANETs from security threats is a challenging task because of the MANETs dynamic topology. Every node in a MANETs is independent and is free to move in any direction, therefore change its connections to other nodes occurred frequently. Due to its decentralized nature, different cases of attempts can be taken place. The purpose of this research report is to analyze different MANETs security attacks.

Keywords: MANETs, Routing protocols, Attacks, Cryptography

INTRODUCTION

From last some years not only mobile devices are becoming smaller, more punk, more convenient, and more configured, they also run more applications and network services which increasing the development of mobile computing equipment market. Projections indicate that in the next couple of years the number of fluid connections and the number of consignments of mobile and Internet terminals will grow yet by another 2050% [1].

A mobile ad hoc network (MANET) is a collection of mobile devices that can pass by each other without the use of a predefined infrastructure or centralized administration. In addition to freedom of mobility, a MANET can be constructed quickly at a low cost, as it does not rely on existing network infrastructure. Due to this flexibility, a MANET is attractive for applications such as disaster relief, emergency operations, military service, maritime communications, vehicle networks, casual meetings, campus networks, robotic networks, and so on. Unlike the conventional network, a MANET is characterized by having a dynamic, continuously changing network topology due to mobility of nodes [2].

Ad hoc networking issues

Ad-hoc networks are a fresh paradigm of wireless communication for mobile hosts. In that respect is no set up infrastructure such as base stations for mobile switching. Nodes within each others radio range communicate directly via wireless links while those which are far apart rely on other nodes to relay messages. Node mobility causes frequent changes in topology. The wireless nature of communication and lack of any security infrastructure raises several security

problems. The following Fig 1 shows the operating process of ad hoc network.

Start

Nodes send signal to find other nodes

Nodes send signal to find other nodes

Synchronization among nodes

Synchronization among nodes

Receiving node send Ready signal

Receiving node send Ready signal

Wait

Wait

Communication Begins

Communication Begins

Is receiving node ready

Stop

Fig 1 Working Procedure Ad hoc Networks

There are some specic MANET issues and constraints which create evils and signicant challenges in the ad hoc network. To show the enormous sum of research activities on ad hoc networks in a methodical manner, we will use them, as a hint. The simplied architecture shown in following Fig 2.

As depicted in the Figure, the research activities will be combined, according to a layered approach into three primary regions:

Enabling Technologies; Networking; Middleware and applications.

Application 1 Application Application n

Cross Layer

Issues

Cross Layer

Issues

.

Fig 2 Simplified Architecture

The development of MANET cannot be separated from the universe of computing. Since it is portable and compact media with which we can communicate exclusive of a wired net. In this review paper, we talked over some typical and dangerous vulnerability in the MANET, attack type security criteria, which move on to supply guidance to the security-related research works in this field.

Characteristics of MANET

Autonomous and infrastructure less: MANET is a self- organized network, independent of any established infrastructure and centralized network administration. Each node acts as a router and operates in a distributed manner.

Multi-hop routing: Since there exists no dedicated outer, then every node as well acts as a router and aids in forwarding packets to the designated goal. Hence, data sharing among mobile nodes is made available.

Variation on link and node capabilities: Every participating node in an ad hoc network is equipped with a dissimilar type of radio devices having varying transmission and receiving capabilities. They all operate on multiple frequency bands. Asymmetric links may be made due to this heterogeneity in the radio capabilities. Energy-constrained operation: The processing power of node is restricted because the batteries carried by portable mobile devices have fixed power supply.

Scalability: A wide range of MANET applications may call for bulky networks with mass of nodes, especially that can found in strategic networks. Scalability is essential to the flourishing operation of the MANET.

ROUTING PROTOCOLS

MANET routing protocols are categorized into three main categories depending upon the criteria when the source node possesses a route to the destination, as shown in the following tree structure Fig 3.

Fig 3 Routing Protocols

Proactive Routing Protocols

The proactive protocols maintain reliable and up to date routing information between all the clients in an ad hoc network. In this each node builds its own routing table which can be utilized to find out a path to a destination and routing data is stacked away. Whenever there is any variation in the mesh topology, updating has to be established in the entire network [7]. More or less of the main table driven protocols are:

Optimized Link State Routing protocol (OLSR)

Destination sequenced Distance vector routing (DSDV)

Wireless routing protocol (WRP)

Fish eye State Routing protocol (FSR)

Cluster Gateway switch routing protocol (CGSR)

Reactive Routing Protocols

In On-demand or Reactive routing protocols routes are formed as and when required. When a client wants to commit information to any other node, it first initiates route discovery process to find out the route to that destination node. This path remains applicable till the destination is accessible or the route is not wanted. Dissimilar types of on demand driven protocols have been developed such as:

Ad hoc On Demand Distance Vector (AODV)

Dynamic Source routing protocol (DSR)

Temporally ordered routing algorithm (TORA)

Associativity Based routing (ABR)

Hybrid Routing Protocols

This case of routing protocols combines the characteristics of both the former classes. The nodes belonging to a particular geographical region are believed to be in the same zone and are proactive in nature. Whereas the communication between nodes located in different zones is done reactively. The different types of Hybrid routing protocols are:

Zone routing protocol (ZRP)

Zoe-based hierarchical link state (ZHLS)

Distributed dynamic routing (DDR)

AODV

It is a reactive routing protocol designed for a mobile ad hoc network. In AODV [8], when a source node S wants to transport a data package to a destination node D and

does not have a route to D, it initiates route discovery by broadcasting a route request (RREQ) to its neighbors. The immediate neighbours who receive this RREQ rebroadcast the same RREQ to their neighbours. This procedure is iterated until the RREQ reaches the goal client. Upon meeting the first arrived RREQ, the destination node sends a route reply (RREP) to the source node through the reverse path where the RREQ arrived. The same RREQ that arrives later will be brushed aside by the destination client. In addition, AODV enables intermediate nodes that have sufficiently fresh routes (with destination sequence number equal or larger than the one in the RREQ) to generate and send a RREP to the root node.

2.4 OLSR

the RREQ packet, it will forthwith transmit a false RREP (Reply) packet with a modified higher sequence number. Thus, that the source node assumes that the client is having the fresh route towards the address. The source node ignores the RREP packet received from other nodes and begins to broadcast the information packets over malicious node. A malicious node takes all the routes towards itself. It does not allow forwarding any packet anywhere. This attack is called a blackhole as it swallows all objects; data packets [10].

RREQ RREP

Data

RREQ RREP

Data

C

D

It is a proactive routing protocol, that it is founded S B

on the periodic exchange of topology information. The

central concept of OLSR is the use of multipoint relays M

(MPR) to supply an efficient flooding mechanism by A reducing the number of transmissions required. In OLSR [9]

each node selects its own MPR from its neighbours. Each MPR node maintains the list of knowing that were picked out as an MPR; this inclination is called as an MPR selector list. Only nodes selected MPR nodes are responsible for advertising well as sending on an MPR selector list advertised by other MPRs.

CASES OF ATTACKS FACED BY ROUTING PROTOCOLS

Due to their underlined architecture, ad-hoc networks are more easily attacked than a cabled net. The attacks prevalent on ad-hoc routing protocols can be broadly classified into passive and active attacks

A Passive Attack does not interrupt the performance of the protocol, but attempts to hear valuable data by taking heed to traffic. Passive attacks basically involve obtaining vital routing information by sniffing around the web. Such attempts are commonly difficult to detect and hence, defending against such attacks is complicated. Even if it is not possible to distinguish the precise placement of a node, one may be capable to find information about the mesh topology, using these attacks.

An Active Attack, however, injects arbitrary packets and tests to disrupt the performance of the protocol in order to limit availability, gain authentication, or attract packets destined to other odes. The finish is essentially to attract all packets to the attacker for analysis or to disable the network. Such attempts can be discovered and the lymph glands can be distinguished

In this report we try to examine some of the threats faced by the ad hoc network environment.

Blackhole attack

MANETs are vulnerable to several approaches. General attack types are the threats against Physical, MAC, and network layer which are the most important layers that function of the routing mechanism of the ad hoc network. In blackhole attack, the malicious node waits for the neighbours to initiate a RREQ (Request) packet. As the client receives

Fig 4. Blackhole Attack

In Fig 4, source node S wants to transmit data packets to a destination node D in the network. M node is a malicious node which works as a black mess. The attacker replies with a false reply RREP having higher modified.

Flooding Attack

The intention of the flooding attack is to beat the network resources, such as bandwidth and consume a nodes resource, such as computational and battery power or to disrupt the routing procedure to cause severe degradation in network operation. For instance, in AODV protocol, a malicious node can broadcast a great number of RREQs in a short period to a destination node that does not exist in the mesh. Because no one will respond to the RREQs, these RREQs will flood the whole web. As a consequence, all of the node battery power, as well as network bandwidth will be eaten up and could contribute to denial-of-service. In [11], the authors establish that a flooding attack can decrease throughput by 84 percentages.

Link Withholding Attack

In this approach, a malicious node ignores the requirement to advertise the link of specific nodes or a group of nodes, which can result in link loss to these clients. This character of approach is especially dangerous in the OLSR protocol.

Link Spoofing Attack

In a link spoofing attack, a malicious node advertises fake links with non-neighbours to disrupt routing operations. For instance, in the OLSR protocol, an attacker can advertise a fake link with a targets two-hop neighbors. This makes the target client to select the malicious node to be its MPR. As an MPR node, a malicious node can then fake the data or routing traffic, for model, altering or dropping the routing traffic or doing other types of Denial of Service attacks.

node D will choose route D-P-J-S to unicast a RREP to the E source node S and ignore the same RREQ that arrived later.

B D

Target Attacker

J A1 A2 P

F

T A I

Attacker1 Attacker2 D

S Target

O

K L M N

G

H C

Link

Fake Link Message

Fig 4. Link Spoofing Attack

The above Fig 4 shows an example of the link spoofing attack in an OLSR MANET. In this form, we take that node A is the attacking node, and node T is the prey to be set on. Before the attack, both nodes A and B are MPRs for node T. During the link spoofing attack, node A advertises a fake link with node Ts two-hop neighbor, that is, node D. According to the OLSR protocol, node T will select the malicious node A as its only MPR since node A is the minimum set that reaches node Ts two-hop neighbours. By being node Ts only MPR, node A can then drop or withhold the routing traffic generated by node.

Replay Attack

In a MANET, topology frequently changes due to node mobility. This means that the current network topology might not exist in the future. In a replay attack [12], a node records another nodes valid control messages and resend them later. This causes other nodes to record their routing table with stale routes. Replay attack can be misused to impersonate a specific client or simply to disturb the routing operation in a MANET.

Wormhole attack

A Wormhole attack [12] is one of the most advanced and severe attacks in MANETs. In this attack, a pair of colluding attacker's record packets at one location and replays them at another position using a private high speed web. The sincerity of this approach is that it can be set up against all communications that offer authenticity and confidentiality.

The following Fig 5 presents an example of the wormhole attack against a reactive routing protocol. In this figure, we assume that nodes A1 and A2 are two colluding attackers and that node S is the target to be attacked. During the approach, when source node S broadcasts a RREQ to find a path to a destination node D, its neighbors J and K forward the RREQ as usual. However, node A1, which received the RREQ forwarded by node J, records and tunnels the RREQ to its colluding partner A2. Then, node A2 rebroadcasts this RREQ to its neighbor P. Since this RREQ passed through a high-speed channel, tis RREQ will reach node D first. Thus,

Link RREQ

Wormhole link RREQ with wormhole

RREP

Fig 5. Wormhole Attack

As a result, S will select route S-J-P-D that indeed passed through A1 and A2 to send its data.

Colluding Misrelay Attack

In this attack, multiple attackers work in collusion to modify or drop routing packets to disrupt routing operation in a MANET. This approach is hard to detect by using the conventional methods such as watchdog and portraiture [13]. Fig 6 presents an example of this approach. Take the case where node A1 forwards routes packets for node T. In the figure, the first attacker A1 forwards routing packets as usual to avoid being detected by node T. Nevertheless, the second attacker A2 drops or modifies these routing packets. In [14] the authors discuss this type of attack in OLSR protocol and show that a pair of malicious nodes can disrupt up to 100 percent of data packets in the OLSR MANET.

T A1 A2 B

Attacker1 Attacker2 Correct Routing Packet

Modified Routing Packet

Fig 6. Colluding Misrelay Attack

ANALYSIS REPORT

Since there is no set up infrastructure in Ad hoc network, Security is a major topic. As MANETs typically lacks a fundamental authority for authentication and key distribution, security mechanisms must be scalable and capable of frequent topology changes. The trust element is an significant concept in network security, as it is the set of relations among agents participating in the network activities.

Cryptography is the technique utilized to provide data communication, security, integrity, authenticity, confidentiality and non-renunciation. The cryptographic system is separated into symmetric and asymmetric cases. The Symmetric system requires less processing than

asymmetric, but clients should share the secret keys by a secure channel. In MANETs, there is no any pre-established channel. Hence, Symmetric system is not suitable for MANETs[15]. Whereas Asymmetric system requires a trusted entity to process key authentication and credential.

Cryptographic algorithms require public and private keys. The key management system is used to administrate these keys. It offers several processes like key generation, maintenance, distribution, protection, revocation of keys and ensures availability to clients. Identity-based coding is one of the key management strategies. Identity-based Cryptography is a pattern of asymmetric cryptography, which is appropriate for MANET. In this method, third party server uses a simple identifier such as email address, for generating public key. In identity-based cryptography, verification of users validity is

achieved by its unique identifier (ID). Private Key generates from a key generation center (KGC) while the Public Key is obtained from the users ID [16]. It is most suited for the MANET environment. We proposed Identity based cryptography to handle attacks in MANETs.

CONCLUSION

The development of MANET cannot be separated from the universe of computing. Since it is portable and compact media with which we can communicate exclusive of a wired network. In this review paper, we discussed some typical and dangerous vulnerability in the MANET, attack type security criteria and proposed Identity based cryptography, which move on to guide to the security-related research works in this area.